Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/GFU99RLT9rTvS32IS_2W-3Iieqg.roa
File: GFU99RLT9rTvS32IS_2W-3Iieqg.roa (raw, json)
Hash identifier: tbFvGkpn71BpTXnnQUxQsnbfJT/nt1/LaX/Ia4Vhp98=
Subject key identifier: 18:55:3D:F5:12:D3:F6:B4:EF:4B:7D:88:4B:FD:96:FB:72:22:7A:A8
Certificate issuer: /CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Certificate serial: 018DC7C569F726C2E80ED389A2ED357FE11F
Authority key identifier: FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/GFU99RLT9rTvS32IS_2W-3Iieqg.roa
Signing time: Tue 20 Feb 2024 18:27:00 +0000
ROA not before: Tue 20 Feb 2024 18:27:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205906
IP address blocks: 78.109.225.0/24 maxlen: 24
78.109.226.0/24 maxlen: 24
78.109.227.0/24 maxlen: 24
78.109.228.0/24 maxlen: 24
78.109.229.0/24 maxlen: 24
78.109.230.0/24 maxlen: 24
78.109.231.0/24 maxlen: 24
78.109.232.0/24 maxlen: 24
78.109.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 00:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c7:c5:69:f7:26:c2:e8:0e:d3:89:a2:ed:35:7f:e1:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Validity
Not Before: Feb 20 18:27:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18553df512d3f6b4ef4b7d884bfd96fb72227aa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:89:76:c5:37:67:50:ad:71:1d:04:31:93:e6:
c4:63:60:97:f1:27:12:f0:a8:a7:53:11:06:cf:3a:
81:60:5b:90:11:96:04:ad:76:fa:d8:8c:94:3c:5c:
bd:a1:92:46:56:f3:30:22:88:f9:89:dd:15:95:2c:
ed:e3:9f:86:49:fd:e3:68:48:63:b7:ef:14:13:7e:
b4:ce:b3:e5:c1:06:8b:34:54:ad:e9:cc:39:80:95:
fc:e8:43:7b:69:99:f2:ab:48:f9:df:44:9e:fe:9d:
bc:2d:0e:ed:6e:53:53:f3:c0:28:35:a8:ed:ea:96:
92:8a:e0:09:a0:d0:ba:39:a0:b1:a2:b1:15:54:1a:
92:b4:c6:bf:a7:9e:64:cb:ea:19:85:ab:25:4e:06:
74:65:9e:56:8d:8f:0d:b2:ec:6e:58:be:d4:5f:07:
e3:99:36:7b:d3:0e:cd:48:8a:d6:e1:08:d2:97:89:
66:e3:83:85:15:3a:bc:19:ea:cc:00:9d:77:41:e8:
f7:76:54:23:4b:95:3c:11:fd:ba:7b:bf:30:07:5d:
5d:9a:83:2d:66:4a:88:19:6c:a5:1b:f4:79:88:7c:
e7:1f:93:d8:ed:c8:2b:87:eb:91:b9:53:15:ef:32:
0d:6d:c3:a1:6b:f5:00:45:24:a7:fa:46:b5:88:28:
43:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:55:3D:F5:12:D3:F6:B4:EF:4B:7D:88:4B:FD:96:FB:72:22:7A:A8
X509v3 Authority Key Identifier:
keyid:FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/GFU99RLT9rTvS32IS_2W-3Iieqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.225.0-78.109.232.255
78.109.239.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:59:d9:90:a5:3c:f1:b6:c9:11:ff:52:05:88:7e:fb:2c:b0:
42:ae:e0:f4:e0:2f:55:83:56:2d:1f:be:6e:b4:80:c9:00:77:
af:b8:6a:bf:75:db:2e:aa:f7:b1:d9:b3:17:15:e6:10:3f:c7:
97:67:e9:eb:4e:22:05:4d:d6:cb:24:e8:96:ba:d9:40:47:fb:
73:ae:2e:29:06:14:5a:21:82:1d:0f:89:b6:d5:20:17:87:a3:
16:d2:9c:ac:8f:fb:70:1f:52:62:dc:27:2e:7f:6b:0d:93:06:
73:ff:1e:75:ec:99:d6:4f:d4:bb:73:6f:c7:20:8d:89:28:84:
76:5c:79:06:87:29:05:87:e1:44:df:3c:3b:52:bd:4d:53:68:
8c:10:60:11:be:2c:9d:df:49:18:83:9d:63:19:bc:72:c9:66:
d8:a4:e9:eb:ac:76:22:3d:4c:ef:4e:07:ae:9b:b3:a5:7f:e2:
fe:f0:52:bd:fa:2f:0c:20:7b:0c:75:22:49:29:e0:30:da:97:
93:7b:2d:f8:55:56:6f:43:68:25:28:ac:aa:ce:f2:dc:77:c6:
05:5c:d7:15:c3:92:61:11:60:02:85:d8:82:ee:66:b4:d5:19:
66:d8:f4:d3:f4:d3:25:88:2c:b6:2c:23:80:ab:70:a9:42:69:
d9:e0:50:e6
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY3HxWn3JsLoDtOJou01f+EfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMDYxYTM5ZjBhMDM3OTIzMTEzZDZiOGJiOWI1YmRhYjVi
MmY0NjYwHhcNMjQwMjIwMTgyNzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODU1M2RmNTEyZDNmNmI0ZWY0YjdkODg0YmZkOTZmYjcyMjI3YWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIl2xTdnUK1xHQQxk+bEY2CX8ScS
8KinUxEGzzqBYFuQEZYErXb62IyUPFy9oZJGVvMwIoj5id0VlSzt45+GSf3jaEhj
t+8UE360zrPlwQaLNFSt6cw5gJX86EN7aZnyq0j530Se/p28LQ7tblNT88AoNajt
6paSiuAJoNC6OaCxorEVVBqStMa/p55ky+oZhaslTgZ0ZZ5WjY8NsuxuWL7UXwfj
mTZ70w7NSIrW4QjSl4lm44OFFTq8GerMAJ13Qej3dlQjS5U8Ef26e78wB11dmoMt
ZkqIGWylG/R5iHznH5PY7cgrh+uRuVMV7zINbcOha/UARSSn+ka1iChDBwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFBhVPfUS0/a070t9iEv9lvtyInqoMB8GA1UdIwQY
MBaAFPsGGjnwoDeSMRPWuLubW9q1svRmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS13WWFPZkNnTjVJeEU5YTR1NXRiMnJXeTlHWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1
LWZkMTY3YWQ5MmE5ZC8xL0dGVTk5UkxUOXJUdlMzMklTXzJXLTNJaWVxZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1LWZkMTY3YWQ5MmE5
ZC8xLzEtd1lhT2ZDZ041SXhFOWE0dTV0YjJyV3k5R1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQwDAMEAE5t
4QMEAE5t6AMEAE5t7zANBgkqhkiG9w0BAQsFAAOCAQEAn1nZkKU88bbJEf9SBYh+
+yywQq7g9OAvVYNWLR++brSAyQB3r7hqv3XbLqr3sdmzFxXmED/Hl2fp604iBU3W
yyTolrrZQEf7c64uKQYUWiGCHQ+JttUgF4ejFtKcrI/7cB9SYtwnLn9rDZMGc/8e
deyZ1k/Uu3NvxyCNiSiEdlx5BocpBYfhRN88O1K9TVNojBBgEb4snd9JGIOdYxm8
cslm2KTp66x2Ij1M704HrpuzpX/i/vBSvfovDCB7DHUiSSngMNqXk3st+FVWb0No
JSisqs7y3HfGBVzXFcOSYRFgAoXYgu5mtNUZZtj00/TTJYgstiwjgKtwqUJp2eBQ
5g==
-----END CERTIFICATE-----
Generated at Sat Jun 1 10:00:13 2024 by rpki-client on console-ams.rpki-client.org